Win32/Syndicasec Used In Targeted Attacks Against Indian Organizations
During the last couple of months, we’ve observed several RTF exploits that target Indian organizations. The first RTF exploit was...
Bypassing Microsoft’s Patch for the Sandworm Zero Day
This is the second part of our analysis of the Sandworm OLE zero-day vulnerability and the MS14-060 patch bypass. Check out...
Bypassing Microsoft’s Patch for the Sandworm Zero Day, the Root Cause
On October 21, we warned the public that a new exploitation method could bypass Microsoft’s official patch (MS14-060, KB3000869) for...
New Exploit of Sandworm Zero-Day Could Bypass Official Patch
Update of October 25: Some comments posted after we published this report suggest that our proof-of-concept exploit will trigger the...
Dropping Files Into Temp Folder Raises Security Concerns
Recently, the McAfee Advanced Exploit Detection System (AEDS) has delivered some interesting RTF files to our table. These RTFs have...
CryptoWall Ransomware Built With RC4 Bricks
Last month many Internet users were suddenly forced to trade in Bitcoins. This was not for general purposes–they were paying...
Operation Dragonfly Imperils Industrial Protocol
Recent headlines (here and here) may have struck fear into those living near major energy installations due to references about...
Iranian Keylogger Marmoolak Enters via Backdoor
Targeted attacks have several stages, sometimes called the APT kill chain. At McAfee Labs we prefer the model described by...
Cybercrime ‘Highlights’ of First Quarter 2014
As a supplement to the next McAfee Labs Threats Report, which will appear next month, we offer this timeline of...
RTF Zero-Day Attack CVE-2014-1761 Shows Sophistication of Attackers
A serious RTF zero-day attack has struck recently. McAfee detection solutions were provided a couple of days ago that allowed...
